September 16, 2006
Hacking Diebold voting machines

There's been a lot of fear and loathing over electronic voting machines lately. While I absolutely agree that all such machines need to print a paper ballot to serve as a backup and as a sanity check against fraud, I have found some of the hype over these machines to be over the top. In particular, there's a certain strain of defeatism that you find in some progressive blogs and discussion boards, of the flavor "it doesn't matter what we do, they've got Diebold machines and they'll just fix things so we lose", which I find repulsive and aggravating.

Having said all that, I think this Princeton study of Diebold machines needs to be read by everyone who cares about fair elections, if only so we can have a real discussion about the risks and steps that need to be taken to ensure proper security. I'll quote from the executive summary to get you started:

The main findings of our study are:

1. Malicious software running on a single voting machine can steal votes with little if any risk of detection. The malicious software can modify all of the records, audit logs, and counters kept by the voting machine, so that even careful forensic examination of these records will find nothing amiss. We have constructed demonstration software that carries out this vote-stealing attack.

2. Anyone who has physical access to a voting machine, or to a memory card that will later be inserted into a machine, can install said malicious software using a simple method that takes as little as one minute. In practice, poll workers and others often have unsupervised access to the machines.

3. AccuVote-TS machines are susceptible to voting-machine viruses - computer viruses that can spread malicious software automatically and invisibly from machine to machine during normal pre- and post-election activity. We have constructed a demonstration virus that spreads in this way, installing our demonstration vote-stealing program on every machine it infects.

4. While some of these problems can be eliminated by improving Diebold's software, others cannot be remedied without replacing the machines' hardware. Changes to election procedures would also be required to ensure security.

There are many ways to improperly affect an election, from good old fashioned voter suppression techniques to unconstitutional voter ID laws. We cannot take the integrity of voting machines for granted. If they don't pass muster, we need to get better ones. It's as simple as that.

Posted by Charles Kuffner on September 16, 2006 to Show Business for Ugly People | TrackBack

unconstitutional voter ID laws.

One state judge nixed the legislation on state constitutional grounds, but it's not clear that decision will hold on appeal. Even if it does, the legislature can surely fix the price of the IDs, which was the legally contentious point.

Missouri will have improved ballot security. They've made it a legislative priority, and I doubt one judge is going to be able to thwart the move. That's interesting since Missouri is, in many ways, a political bellwether.

Posted by: kevin whited on September 16, 2006 9:33 AM

Funny how these ballot-security crusaders never seem to worry about mail-in ballots, isn't it? Or that everyone has free and easy access to an acceptable ID card. I wonder why that might be.

Posted by: Charles Kuffner on September 16, 2006 11:53 AM

Even if a state makes free voter ID cards available, a constitutional requirement, there is still the problem of those without birth records. All of this to fix a non-problem. The serious fraud that is taking place is on mail-in ballots which this doesn't touch and with people being maliciously removed from voting rolls by partisan operatives.

Emails were discovered of a national GOP campaign in 2004 to target black neighborhoods and individual black soldiers in Iraq with registered mail so that all returned mail could be used to remove Democratic voters from the rolls.

Posted by: Gary Denton on September 16, 2006 4:53 PM

Robert F. Kennedy, Jr. and RollingStone magazine

Will The Next Election Be Hacked?

Fresh disasters at the polls -- and new evidence from an industry insider -- prove that electronic voting machines can't be trusted



Long Live Paper Ballots

Posted by: Prove Our Democracy with Paper Ballots on September 21, 2006 8:59 PM